Summary

Cisco NX-OS contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted device.

The vulnerability is due to improper processing of certain packets by the affected devices. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted packets to the targeted device. Successful exploitation could allow the attacker to cause a DoS condition on the targeted device.

Cisco has confirmed this vulnerability and has released updated software.

Indicators of Compromise

Cisco NX-OS versions 5.0 and 5.1 running on Cisco Nexus 2000 Series and Cisco Nexus 5000 Series switches are vulnerable.

Technical Information

The vulnerability is due to improper processing of certain Internet Group Management Protocol (IGMP) packets by the igmp_snoop_orib_fill_source_update() function.

An unauthenticated, remote attacker could exploit this vulnerability by sending crafted IGMP packets to the targeted devices. Processing such packets could allow the attacker to remotely reload the device, resulting in a DoS condition.

Analysis

In a typical network configuration, the vulnerable devices are behind a firewall. To exploit this vulnerability, an attacker must have access to the internal network to send crafted packets to the vulnerable devices. This access requirement could limit the likelihood of a successful exploit.

Safeguards

Administrators are advised to apply the appropriate updates.

Administrators are advised to allow only trusted users to have network access.

Administrators are advised to monitor affected systems.

Vendor Announcements

Fixed Software

Cisco customers with active contracts can obtain updates through the Software Center at the following link: Cisco. Cisco customers without contracts can obtain upgrades by contacting the Cisco Technical Assistance Center at 1-800-553-2447 or 1-408-526-7209 or via e-mail at tac@cisco.com.

Revision History

Affected Products

The security vulnerability applies to the following combinations of products.

Primary Products

Associated Products

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products